<%@ Register TagPrefix="dammela" Namespace="whole" Assembly = "dammela" %>
<%@ Page validateRequest="false" Language="C#" Description="Homepage" trace="false" debug="false" EnableViewState="false"%>
<%@ Import Namespace="whole"%>
<%@ Import Namespace="dammelau"%>

<%@ Import Namespace="System.Net"%>
<%@ Import Namespace="System.IO"%>
<%@ Import Namespace="System.Text"%>


<%
sqlUtil sqlu = new    sqlUtil();
usrUtil usru = new    usrUtil(Page);

if( Request.QueryString.Get("rating") != null && Request.QueryString.Get("pid") != null ) 
{
	string AJAX_return = "";
	
	if( !usru.isLogged )
		return;

	int rating = 0;
	try
	{
		rating = Convert.ToInt32(Request.QueryString.Get("rating"));
	}
	catch
	{
		return;
	}

	if( rating >= 1 && rating <=5 ) 
	{
		AJAX_return = sqlu.executeText("exec mela_galleryPicRate @pid='"+Request.QueryString.Get("pid").Replace("'","''")
			+"', @userid='" +usru.userid.ToString()
			+"', @rating=" +rating.ToString() 
			+", @ajax=1" );
	}
	else
		return;

	Response.ContentType = "text/xml";
	Response.Write( AJAX_return );

}
%>
